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after SIX (6) MONTHS from the mailing date of this communication. 

• If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
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Status 
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2a)K This action is FINAL. 2b)n This action is non-final. 
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closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213, 

Disposition of Claims 

4) 13 Claim(s) 1-18 is/are pending in the application. 
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5) n Claim(s) is/are allowed. 

6) K1 Claim(s) 1-18 is/are rejected. 
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Application Papers 
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Replacement drawing sheet(s) Including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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* See the attached detailed Office action for a list of the certified copies not received. 




KAMBIZZAND 

Attachment(s) PRIMARY EXAMINER 

1) ^ Notice of References Cited (PTO-892) 4) □ Inten/iew Summary (PTO-413) 

2) □ Notice of Draflsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. 

3) la Information Disclosure Statement(s) (PTO/SB/08) 5) □ Notice of Informal Patent Application 

Paper No(s)/Mail Date 07/02 . 6) □ Other: . 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 08-06) 



Office Action Summary 



Part of Paper No./Mail Date 1 11 82006 



Application/Control Number: 10/089,941 
Art Unit: 2132 



Page 2 



DETAILED ACTION 

1. This office action is in reply to an amendment filed on September 05, 2006. All 
independent claims, namely claims, 1, 13, 16 and 18 are amended. No claim is canceled. 
Thus, claims 1-18 are pending. 

Response to Arguments 

2. Applicant's remark/ arguments filed on regarding September 05, 2006 regarding claims 
1-18 have been fully considered but are moot in view of new grounds of rejection. 

Claim Rejections - 35 USC §103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 

at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

4. Claims 1, 12-14,16-18 are rejected under 35 U.S.C. 102(e) as being unpatentable by 
Tuomas Aura . (hereinafter referred as Aura ) ( U.S. Patent No: 6, 71 1, 400 Bl) in view of C.R. 
Snow (hereinafter referred as Snow), article written with the title, "Simple Authentication" 
(Published 1994) (Reference U) 

5. As per claims 1, 13-14, 16-18 Aura discloses a secure method of transmitting a 
message between a sender node [figure 4, reference HLR/AUC; authentication station] and a 
recipient node [figure 4, reference 407; Mobile station] within a network collaboration group, 
the sender and the recipient sharing a secret encryption key [Ki] (ki, used in the function Hi 
meets the recitation of the encryption key which is shared at both authentication center 
and mobile station) and an expected nonce value [ RANDl] (the nonce value as described in 
the disclosure is just a number so RANDl or random number meets the recitation of the 
expected nonce value) comprising: 
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Generating a new nonce value [RAND 2] known to the sender [Figure 4, reference 404; 
RAND2] (The authentication center generate a new nonce value RAND2 at the 
authentication center/ sender) 

Encrypting the message including the expected nonce value and the new nonce value, 
using the encryption key[See figure 4, reference 405 and HI] (Both the new nonce 
value RAND 2 which is generated at the sending station, the expected nonce value 
RANDl are encrypted by the key Ki using the hash function HI]; 

Transmitting the encrypted message [SRBSlj from the sender [Figure 4, reference 
405] to the recipient node [Figure 4, reference 407]; and 

Furthermore, Aura discloses, verifying, by the recipient, that the encrypted 
message[SRESl] includes the expected nonce value[ figure 4, reference "408"] (If the 
encrypted message SRESl sent from the sender side 405 to the recipient side 407 
does not include the corrected expected nonce value RANDl then the verification 
test at figure 4, reference 408 fails Since SRBSl' will not be equal to SRESl 
otherwise it will passe the verification test ). 

Aura further teaches, wherein the expected nonce value and the new nonce value 
are recoverable from encrypted message using knowledge possessed by the 
recipient node prior to receipt of the encrypted message. [See the "ki", shown on 
Figure 4, ref. Num "405" and "407"](The key "Ki", which is shown on figure 4, ref, "405" 
and ref. Num "407" is a knowledge possessed by the recipient node prior to the receipt 
of the encrypted message and the expected nonce value RAND 1 and the new nonce 
value RAND 2 are recoverable from the encrypted message SRESl, using "ki"/the 
knowledge possessed by the recipient node prior to receipt of the encrypted message) 

Aura does not explicitly disclose 
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Wherein the encrypted message may be verified by the recipient by decrypting 
the encrypted message and confirrning that the encrypted message includes the 
expected nonce value. 

However, in the same field of endeavor, Snow, discloses the method wherein encrypted 
message may be verified by the recipient by decrypting the encrypted message and 
confirming that the encrypted message includes the expected nonce value. [See page 
444, 3^^ paragraph]. On page 444, 3^«* paragraph the following has been disclosed. 
"On receipt of the *set key* message, the workstation asks the user to supply the 
authorizing password, i.e. the old password corresponding to the name, and then to 
supply the new password. The old password is used to create the encryption 
key, and the new password is used to create the new key. The nonce and the new 
key are then encrypted with the old key, and sent back to the host. If the nonce is 
succesfuUy decrypted, the database entry corresponding to <name> is updated with 
the new key." 

It would have been obvious to one having ordinary skill in the art, at the 
time the invention was made, to combine the features verifying by the 
recipient by decrypting the encrypted message and confirming that the 
encrypted message includes the expected nonce value as per teachings 
of Snow into the method as taught by Aura, in order to provide strong 
authentication mechanism. 

6. As per claim 12 the combination of Aura and Snow discloses a secure method of 
transmitting a message between a sender node and a recipient node as applied to claims above. 
Furthermore Aura discloses the method further including receiving a copy of a prior message 
being transmitted as a replay attack, and rejecting the replay as illicit at least in part because 
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the replay does not contain the current expected nonce value, [figure 4, 408, discard 
connection] 

Claim Rejections - 35 USC §103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

8. Claims 2-11 and IS are rejected under 35 U.S.C. 102(e) as being unpatentable by 
Tuomas Aura . (hereinafter referred as Aura ) ( U.S. Patent No: 6, 71 1, 400 Bl) in view of C.R. 
Snow (hereinafter referred as Snow), article written with the title, "Simple Authentication" 
(Published 1994) (Reference U), further in view of Janson et al (hereinafter referred as Janson) 
(U. S. Patent No. 5, 729, 608) (Provided v^th IDS) 

9. As per claims 2-3 A ura discloses a secure method of transmitting a message between 
a sender node [figure 4, reference HLR/AUC; authentication station] and a recipient node 
[figure 4, reference 407; Mobile station] within a network collaboration group, the sender and 
the recipient sharing a secret encryption key [Ki] (ki, used in the function Hi meets the 
recitation of the encryption key which is shared at both authentication center and 
mobile station) and an expected nonce value [ RANDl] (the nonce value as described in the 
disclosure is just a number so RANDl or random number meets the recitation of the 
expected nonce value) comprising: 

Generating a new nonce value [RAND 2] known to the sender [Figure 4, reference 404; 
RAND2] (The authentication center generate a new nonce value RAND2 at the 
authentication center/ sender) 
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Encrypting the message including the expected nonce value and the new nonce value, 
using the encryption key[See figure 4, reference 405 and HI] (Both the new nonce 
value RAND 2 which is generated at the sending station, the expected nonce value 
RANDl are encrypted by the key Ki using the hash function Hlj; 

Transmitting the encrypted message [SRESl] from the sender [Figure 4, reference 
405] to the recipient node [Figure 4, reference 407]; and 

Furthermore, Aura discloses, verifying, by the recipient, that the encrypted 
message[SRESl] includes the expected nonce value[ figure 4, reference "408*"] (If the 
encrypted message SRESl sent from the sender side 405 to the recipient side 407 
does not include the corrected expected nonce value RANDl then the verification 
test at figure 4, reference 408 fails Since SRESl' will not be equal to SRESl 
otherwise it will passe the verification test ). 

Aura further teaches, wherein the expected nonce value and the new nonce value 
are recoverable from encrypted message using knowledge possessed by the 
recipient node prior to receipt of the encrypted message. [See the "ki", shown on 
Figure 4, ref. Num "405" and "407"](The key "Ki", which is shown on figure 4, ref, "405" 
and ref Num "407" is a knowledge possessed by the recipient node prior to the receipt 
of the encrypted message and the expected nonce value RANDl and the new nonce 
value RAND 2 are recoverable from the encrypted message SRESl, using "ki"/the 
knowledge possessed by the recipient node prior to receipt of the encrypted message) 

Aura does not explicitly disclose 

Wherein the encrypted message may be verified by the recipient by decrypting 
the encrypted message and confirming that the encrypted message includes the 
expected nonce value. 
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However, in the same field of endeavor, Snow, discloses the method wherein encrypted 
message may be verified by the recipient by decrypting the encrypted message and 
confirming that the encrypted message includes the expected nonce value. [See page 
444, S'"^ paragraph]. On page 444, 3*^*^ paragraph the following has been disclosed. 
"On receipt of the *set key' message, the workstation asks the user to supply the 
authorizing password, i.e. the old password corresponding to the name, and then to 
supply the new password. The old password is used to create the encryption 
key, and the new password is used to create the new key. The nonce and the new 
key are then encrypted with the old key, and sent back to the host. If the nonce is 
succesfully decrypted, the database entry corresponding to <name> is updated with 
the new key." 

It would have been obvious to one having ordinary skill in the art, at the 
time the invention was made, to combine the features verifying by the 
recipient by decrypting the encrypted message and confirming that the 
encrypted message includes the expected nonce value as per teachings 
of Snow into the method as taught by Aura, in order to provide strong 
authentication mechanism. 

o The combination of Aura and Snow does not explicitly disclose 

Generating a second new nonce value, known to the recipient node; transmitting a secure response from the 
recipient to the sender by repeating the method of claim 1, but this time using the second new nonce value in place 
of the new nonce value and using the new nonce value in place of the expected nonce value. 

However, in the field of endeavor Janson discloses 

Generating a second new nonce value, known to the recipient node; transmitting a 
secure response from the recipient to the sender by repeating the method of claim 1, 
but this time using the second new nonce value in place of the new nonce value and 
using the new nonce value in place of the expected nonce value, [figure 2, 202] 
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It would have been obvious to one having ordinary skill in the art, at the time the 
invention was made, to add the features having the recipient providing the 
authentication information to the sender as per teachings of Janson in to the method as 
taught by the combination of Aura and Snow, in order to provide a secure 
communication. [See Janson, column 2, lines 9-11] 

10. As per claims 4-6 and 15 the combination of Aura, Snow and Janson discloses a 

secure method of transmitting a message between a sender node and a recipient node as 
applied to claims above. Furthermore Janson discloses the method wherein the sender is a key 
managing master node and the recipient is a member node of the collaboration group, [column 
3,lines 30-42] 

11. As per claims 7-11 t he combination of Aura, Snow and Janson discloses a secure 
method of transmitting a message between a sender node and a recipient node as applied to 
claims above. Furthermore Janson discloses the method wherein the method is used with a 
key-managing master node in order to perform an authentication process for opening a 
collaboration group session with a new member node. [Column 3, lines 35-37; column 1, lines 
41-51; column 4, lines 6-21] 

Conclusion 

12. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant 
is reminded of the extension of time policy as set forth in 37 CFR 1. 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
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will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Samson B Lemma whose telephone number is 571-272-3806. 
The examiner can normally be reached on Monday-Friday (8:00 am— 4: 30 pm). 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
BARRON JR GILBERTO can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be 
obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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